Knack Operations
  • TABLE OF CONTENTS
  • Knack Operations Read-Only
  • Knack
    • Platform Overview
    • Functionality Guide
    • Style Guide
    • Banner Logos
    • Rounding Knack Costs Correctly
    • URL Parameters to populate a form
    • Importing Records
    • Copy an Application
  • Knack Security
    • Single Sign On (SSO)
      • Configuring a new Knack App with certificates
      • Enabling SSO in Knack
      • Configuring new certificates for all Knack Apps - When certs expire!
        • SSL Certificate Creation
  • Knack Integrations
    • Open Data Portal - Socrata Integration
    • ArcGIS Online Integration
    • CSR configuration prep in Knack
      • Creating CSR Page components
  • Knack Code
    • Code Version Control
    • GitHub Code Workflow
    • CODE: Login Buttons/App Setup
    • App Specific Custom Code
      • CODE: Vision Zero in Action
    • CODE: Knack Functionality
      • Big Buttons
      • Save Knack Record ID
      • Redirect Blank Menu Pages
      • Disable Trigger Buttons
      • Disable Modal Background Click/Touch
      • Disable Breadcrumb Navigation Links
      • Remove Back Links
      • Back Link Buttons
      • Return to Previous Page Button
      • Auto Input Validation Form Fields
      • Conditionally Hide/Show Form Fields
      • Return to Top Button
      • Refresh View Button
      • Detect IE
      • Set Map iFrame Source URL
    • CODE: Knack Look & Feel
      • Multipage Step Indicator
      • Modal Close Styling
      • Relabel Attachment Links
      • Navigation Dropdown Menu Buttons
      • In-Form Dropdown Menu Buttons
      • Trigger Buttons
      • Hyperlink a Form Field Label
      • Remove Table Header
      • Modify Table Summary Rows
      • Convert Values to UPPERCASE (Option A)
      • Convert Values to UPPERCASE (Option B)
      • Highlight Details View Label Body & Table Value
      • Report Headers
      • Report Filters Container Size
      • Report Element Colors
      • HighCharts Report Styling
      • Font Awesome Icons
    • CODE: Mobile Optimization
      • Detail Labels
    • CODE: Retrieve builder URL of Email Rules
    • CODE: Knack Print Page
      • Print Header with Page Break/Number
      • Print without overlapping views
      • Print using Menu Button
      • Print using Trigger Button
      • Show Character Limit of Input
      • Add fixed Footer on Print
  • AMD | DATA TRACKER
    • AMD | Data Tracker
    • Asset Changes
    • CSR | Flex Note Archiving
    • Cameras
    • Fix Broken CCTV Device Status Page Links
    • Performance Measures
    • Builder Notes
      • Configure New AMD Asset in Data Tracker
      • Data Tracker | Annual Signal and PHB Request Ranking
      • Page Rules (TMC) CSR
      • NOTIFICATION | Construction Status Email
      • NOTIFICATION | One Day Signal Engineer Due Date
      • DETAILS | Preventative Maintenance (PM)
      • DETAILS | Signal Detectors Object Tables, Reports, misc..
      • DETAILS | Signals
      • Signals Work Order | EDIT FORMS
      • Signals Work Order | FORM LOCATIONS
      • Editing Signals Work Order | NEW FORMS
    • Warehouse Inventory - Updating Journal Vouchers (JV) information
    • Cancel Transactions & Replenishments
    • Adjustment Transaction, Unit Cost Adjustments & Re-Stock
    • DTS | Adminstrative Action
  • DTS | Data & Technology Services Portal
    • DTS | Data & Technology Services Portal
    • Dataset inventory
    • Application Inventory
  • Finance & Purchasing
    • Finance & Purchasing Portal
    • Finance & Purchasing
      • Training, Quiz, Account Access Process
      • Purchase Request Statuses
      • List of emails generated
      • Re/Un-assigning Approver of a PR
      • Change PR Statuses (backend)
      • Invoice: FAQs
    • Warehouse Inventory
      • Adding a new inventory item
  • HR | Human Resources
    • HR | Human Resources Portal
    • Integrations TPW HR Portal
      • Integration HR Portal -> TPW Hire?
    • How to add a new HR Form
  • TPW Hire
    • TPW HiRe | Hiring Resource
  • PEP | Parking Enterprise Portal
    • PEP | Parking Enterprise Portal
    • Dispatch Resource Tracking Log Archiving
    • Update Parking Citation Report by Fiscal Year (FY)
  • ROW | Right of Way Portal
    • ROW | Right of Way Portal
    • COS JV Update
  • RPP | Residential Parking Permit Portal
    • RPP | Residential Parking Permits
    • Residential Parking Permits
    • RPP Migration
  • SBO | Street & Bridge Operations
    • SBO | Street & Bridge Operations
  • SMD | Signs & Markings Operations
    • SMD | Signs & Markings Operations
    • Table of Contents
    • Workflow
    • Markings | Work Orders
      • Process & Module Functionality
    • Markings | Service Requests
      • Process & Module Functionality
    • Signs | Work Orders
      • Process & Module Functionality
    • Signs | Service Requests
      • Process & Functionality
    • Contractor | Work Orders
      • Process & Module Functionality
    • Sign Fabrication Work Orders
      • Process and Functionality
    • Special Functions/Codes
      • Work Order Attachments
  • SMO | Smart Mobility Operations
    • SMO | Smart Mobility Portal
  • SMS | Shared Mobility Services
    • SMS | Shared Mobility Portal
    • License & Permit Management
    • Sources for Monthly Trip Records
  • STREET BANNER PROGRAM
    • Street Banner Program
    • Street Banner Program
  • TDS | Transportation Development Services
    • TDS | Transportation Development Services Portal
    • Color Palette
    • Role Permissions Guide
    • App Logic
      • Calculating Date Values for Reporting
      • Incrementing Review Cycle Automatically
      • Calculating Review Time & On Time Percentage
      • Calculating Cycle Completion Percentage
      • Calculating an Expiration Date
      • Automatic Due Date with Manual Adjustment
      • Roll up Child Object Conditionals
      • Converting an Entered Percentage to a Percentage Value
      • Create a Connection Link Field to View a Searched Record
      • Extracting Location Coordinates to add a Map Marker Map
    • TDR | Development Reviews
    • TIA | Traffic Impact Analysis
    • TDA | Transportation Development Assessments
  • Traffic Register
    • Traffic Register
    • Table of Contents
    • Workflow
    • Modules
    • Special Functions/Code
    • Permissions
  • TPW Forms
    • TPW Forms
  • Urban Forestry
  • VZA | Vision Zero in Action
    • VZA | Vision Zero in Action
    • Batch Copy Process for VZA Assignments
    • Calculate School Closures
    • Login Process for Officers
    • Officer Records
    • Update reports in Power BI
    • Use Tasks for Creating Child Records
    • Use Tasks for Notifications
  • O365 Resources
    • Resources
Powered by GitBook
On this page

Was this helpful?

  1. Knack Security
  2. Single Sign On (SSO)

Configuring new certificates for all Knack Apps - When certs expire!

How to re-configure SSO in Knack when certs expire in Mid June

PreviousEnabling SSO in KnackNextSSL Certificate Creation

Last updated 3 days ago

Was this helpful?

This scenario happens every two years when our SSL certificates expire, we have an outlook calendar event notification to remind us when to do this.

If you need to generate a new certificate (because the current cert has expired, for example), see our article for instructions. Note that as a best practice we use the same certificate across all knack apps. So, if you do need to generate a new certificate, you should do this for every Knack application. Consult the application team before embarking on this.

  1. Generate new certificates according to our SSL Certificate Creation

  2. Make sure to save those new certificates in One Password with proper formatting

  3. Schedule a meeting with CTM so they can update Azure Active Directory as you update app certificates (this limits or negates any downtime users will have signing into apps)

  4. During the meeting, navigate to a Knack login page with SSO enabled in the builder

  5. Replace the Decryption private certificate and the Decryption public certificates with the new certificates that we just created

  6. Save and test an SSO login page. If you get a Public Key error, CTM will need to recreate the app instance in Azure. Otherwise, update and test each app accordingly until complete

If Testing does result in a Public Key error, continue:

  1. As CTM is recreating the new app instance in Azure, remove the Identity Provider's certificate in Knack and then provide CTM the updated metadata file or link with only the Decryption private and public certificates filled in. All other Provider Settings should remain and stay the same

  2. CTM will add the metadata info to Azure, allowing them to provide you a new metadata file or link with the x509 certificate in it

  3. Verify with CTM that the x509 certificate in the file you received matches the Identity Provider certificate in Azure (by matching the last few characters of the cert)

  4. Copy that x509 certificate from the metadata file or link

  5. Use the to format the x509 certificate with headers

  6. Add to the Knack Identity Provider's certificate box and save the updated credentials

  7. Test an SSO login page to ensure its working correctly

  8. Add the new unique IP Cert to One Password as your repeat these steps for each Knack app

Possible Errors

If you get the Public Key error in your browser, a new app instance must be created in Azure by CTM where the existing IP Cert must be removed and replaced with the new certificate CTM provides. Refer to the Configuring new certificates for all Knack apps above for the steps to take.

If you see an error similar to this: (AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'atd.knack.com/'), contact CTM and ask them to update the Azure Instance (ACS URL) with US included in the URL.

SSL Certificate Management
X509 Formatter